Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Determining Trojans, File & Print Sharing, Services running remotely on W2K

Determining Trojans, File & Print Sharing, Services running remotely on W2K

From: Jason <cisspstudy_at_yahoo.com>
Date: 9 May 2002 23:03:02 -0000
('binary' encoding is not supported, stored as-is) I will be performing a workstation audit on 300 W2k
workstations across the network.

I need to scan to see:
1. If there are any trojans running on these hosts.
2. Whether shares are activated on these hosts.
3. Whether anti-virus is installed.

I will have domain administrator rights and all
workstations are in the windows NT 4.0 domain.

What tools do people recommend for performing each of these
steps? I will be scanning for workstations within a
specific IP range.

For Trojan Scanning I have seen tools like TFAK. But I am
not sure how good it is and I know it can't be run on a
block of IP's.

For determining whether shares are activated maybe I could
use something like Legion ?

For determining whether anti-virus is installed I need a
tool that can dump a list of services running on a remote
host for a block of IP addresses.

Any help appreciated.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on May 10 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]